BACKGROUND OF THE INVENTION
Field of the Invention 

This invention relates generally to the field of video 
distribution networks. In particular, this invention relates 
to secure video distribution networks. 

Description of the Background Art 

Security is an important issue for video distribution 
networks. For cable distribution networks, there are various 
portions or locations where security is of concern. 

A first portion where security is of concern is the 
primary distribution network. The primary distribution 
network is where video content is transferred from television 
studios to distribution centers. A second portion where 
security is of concern is the secondary distribution network. 
The secondary distribution network is where the video content 
is transmitted from a distribution center to subscriber 
stations.

For video on-demand distribution networks, there is an
additional point where security is of concern. That point is 
a remote server within a distribution center. Typically, 
such a remote server stores the video content before the 
video content is distributed to the subscriber stations. 

SUMMARY OF THE INVENTION 

The present invention provides a solution to the 
security issues presented above, especially with regard to
security at a remote server. In accordance with a first 
aspect of the invention, an interactive information 
distribution system provides secure distribution of video-on- 
demand content. The interactive information distribution 
system includes at least one programming source for storing 
at least one partially encrypted video program, and a 
distribution center including a remote server. 

The remote server stores the at least one partially 
encrypted video program received from the at least one 
programming source. The remote server also processes the 
partially encrypted video program corresponding to a 
subscriber requested video program to produce a fully 
encrypted video program. A subscriber-side distribution
network, coupled to the distribution center, causes 
transmission of the fully encrypted video program to the 
requesting subscriber. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a schematic diagram of a conventional cable 
distribution network. 

Fig. 2 is a flow chart depicting a conventional insecure 
process for distributing video content via a conventional 
cable distribution network.

Fig. 3 is a flow chart depicting a conventional
(somewhat) secure process for distributing video content via 
a conventional cable distribution network. 

Fig. 4 is a schematic diagram of a cable distribution 
network including a video on-demand source in accordance with 
a preferred embodiment of the present invention. 

Fig. 5A is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a first aspect of the present 
invention.

Fig. 5B is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a second aspect of the present 
invention.

Fig. 6 is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a third aspect of the present 
invention. 

Fig. 7 is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a fourth aspect of the present 
invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Fig. 1 is a schematic diagram of a conventional cable 
distribution network. The conventional cable distribution 
network typically includes one or more broadcast sources 102, 
one or more premium broadcast sources 104, one or more 
distribution centers 106, one or more secondary distribution 
networks 108, and a plurality of subscriber stations 110. 

The broadcast source 102 may be, for example, a local
television station, for instance an affiliate station of a
major network such as ABC, NBC, CBS, FOX, or UPN. The
premium broadcast source 104 may be, for example, a premium
channel such as HBO, Showtime, Cinemax, and so on. The
sources 102 and 104 may be coupled via a primary distribution
network to the distribution center 106. The distribution
center 106 may be, for example, a cable head-end. The
distribution center 106 may be coupled via a secondary
distribution network 108 to the subscriber stations 110. The
secondary distribution network 108 may include, for
example, various amplifiers, bridges, taps, and drop cables.
Finally, the subscriber stations 110 may be, for example,
set-top boxes and associated television equipment for viewing
the video content by end users.

Fig. 2 is a flow chart depicting a conventional insecure 
process for distributing video content via a conventional 
cable distribution network. First, a non-premium video 
signal is transported 202 from the broadcast source 102 to
the distribution center 106. At the distribution center 106,
the video signal is multiplexed 204 with other signals to
generate a multiplexed signal. The multiplexed signal is
then distributed 206 from the distribution center 106 via the
secondary distribution network 108 to the subscriber stations
110. At the subscriber stations 110, the multiplexed signal
is demultiplexed 208 to isolate the video signal, and then
the video signal is displayed 210, typically, on a television
monitor.

Fig. 3 is a flow chart depicting a conventional 
(somewhat) secure process for distributing video content via 
a conventional cable distribution network. First, a premium 
video signal is encrypted 302 to generate an encrypted
signal. The encrypted signal is transported 304 from the 
premium broadcast source 104 to the distribution center 106. 

At the distribution center 106, the video signal is 
decrypted 306 to regenerate the premium video signal. The 
premium video signal is then scrambled 308 and multiplexed
310 with other signals to generate a multiplexed signal. The 
multiplexed signal is then distributed 312 from the 
distribution center 106 via the secondary distribution 
network 108 to the subscriber stations 110. 

At the subscriber stations 110, the multiplexed signal 
is demultiplexed 314 to isolate the scrambled video signal, 
the scrambled video signal is unscrambled 316, and then the 
video signal is displayed 318, typically, on a television 
monitor connected to a set-top box. The process in Fig. 3 is 
a typical conventional process for delivering premium video 
using scrambling. Other conventional processes also exist. 

Fig. 4 is a schematic diagram of a cable distribution 
network including a video on-demand source in accordance with 
a preferred embodiment of the present invention. In addition 
to the components of the conventional cable distribution 
network shown in Fig. 1, the cable distribution network shown 
in Fig. 4 includes a video on-demand source 402 and a remote 
server 404. The video on-demand source 402 may house, for 
example, a collection of video programs such as
movies. As shown in Fig. 4, the remote server 404 may be
located within the distribution center 106. The remote 
server 404 may include, for example, a parallel processing 
computer configured to be a video server, a disk drive array 
to store video data, and a video session manager to provide 
session control of the video data flowing to and from the 
video server. 

Fig. 5A is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a first aspect of the present 
invention. The process depicted in Fig. 5A may be called a 
store, decrypt, and re-encrypt process.

First, a video program is encrypted 502 by a video on-
demand source 402 to generate an encrypted program in a
first encrypted form. The encrypted program is transported 
504 via a primary distribution network from the video on- 
demand source 402 to a remote server 404 within a 
distribution center 106. The encrypted program is then 
stored 506 in the remote server 404. 

Subsequently, when the remote server 404 receives 508 a 
request for transmission of the video program from a 
subscriber station 110, the remote server 404 responds by 
first decrypting 510 the video program from the first 
encrypted form. A first key may be used to accomplish
such decryption 510, and such key may have been received from 
the video on-demand source 402 via a communication channel 
that is separate from the one used to transmit the video 
program. After the video program is decrypted 510, the 
remote server 404 re-encrypts 512 the video program into a 
second encrypted form using a second key. 

The second key may be a public key of a public key
encryption system. Such a public key encryption system uses
two different keys: a public key to encrypt data and a
private key to decrypt data. In that case, decryption would
be accomplished using a corresponding private key of the
public key encryption system. Examples of such a public key
encryption system are encryption under the PGP (Pretty Good
Privacy) system or under the RSA (Rivest, Shamir, and
Adleman) system. Alternatively, the second key may be a
private key of a private key encryption system. Such a
private key encryption system uses a single private key to
encrypt and decrypt data. Examples of such a private key
encryption system are encryption under the Data Encryption
Standard (DES) or under triple-DES, which involves applying
DES three times to enhance security. The private key(s)
may themselves be transmitted from the remote server 404 to the
subscriber station 110 while encrypted in a third encrypted
form.

After the video program is re-encrypted 512, the re- 
encrypted program in the second encrypted form (and the 
second key if necessary) is multiplexed 514 with other 
signals to generate a multiplexed signal. The multiplexed 
signal is then distributed 516 via the secondary distribution 
network 108 to the subscriber stations 110. 

At the subscriber stations 110, the multiplexed signal
is demultiplexed 518 to isolate the re-encrypted program in
the second encrypted form (and the second key if necessary),
the re-encrypted program is decrypted 520 from the second
encrypted form to generate the unencrypted video program, and
then the video program is displayed 522, typically, on a
television monitor connected to a set-top box.

Fig. 5B is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a second aspect of the present 
invention. The process depicted in Fig. 5B may be called a 
decrypt, re-encrypt, and store process. In comparison with 
the process in Fig. 5A, the process in Fig. 5B decrypts 510 
and re-encrypts 512 the video program before the video 
program is stored 506 in the remote server 404. 

First, a video program is encrypted 502 by a video on-
demand source 402 to generate an encrypted program in a first
encrypted form. The encrypted program is transported 504 via
a primary distribution network from the video on-demand
source 402 to a remote server 404 within a distribution
center 106. At this point, the remote server 404 decrypts
510 the video program from the first encrypted form. A first
key may be used to accomplish such decryption 510, and
such key may have been received from the video on-demand
source 402 via a communication channel that is separate from
the one used to transmit the video program. After the video
program is decrypted 510, the remote server 404 re-encrypts
512 the video program into a second encrypted form using a
second key. After the decryption 510 and re-encryption 512,
the re-encrypted program is then stored 506 in the remote
server 404.

Note that step 506 in Fig. 5B differs from step 506 in 
Fig. 5A in that step 506 in Fig. 5B involves storing the 
video program in the second encrypted form while step 506 in 
Fig. 5A involves storing the video program in the first 
encrypted form. 

Subsequently, when the remote server 404 receives 508 a 
request for transmission of the video program from a 
subscriber station 110, the remote server 404 responds by 
multiplexing 514 the re-encrypted program in the second 
encrypted form (and the second key if necessary) with other 
signals to generate a multiplexed signal. The multiplexed 
signal is then distributed 516 via the secondary distribution 
network 108 to the requesting subscriber station 110. 

At the subscriber stations 110, the multiplexed signal
is demultiplexed 518 to isolate the re-encrypted program in
the second encrypted form (and the second key if necessary),
the re-encrypted program is decrypted 520 from the second
encrypted form to generate the unencrypted video program, and
then the video program is displayed 522, typically, on a
television monitor connected to a set-top box.

Fig. 6 is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a third aspect of the present 
invention. The process depicted in Fig. 6 may be called a 
pass-through process.

First, a video program is encrypted 602 by a video on-
demand source 402 to generate an encrypted program in a first
encrypted form. The encrypted program is transported 604 via
a primary distribution network from the video on-demand
source 402 to a remote server 404 within a distribution
center 106. A key to decrypt the encrypted program may also
be transported from the source 402 to the server 404. The
encrypted program is then stored 606 in the remote server
404.

The key may be a public key of a public key encryption
system. Such a public key encryption system uses two
different keys: a public key to encrypt data and a private
key to decrypt data. In that case, decryption would be
accomplished using a corresponding private key of the public
key encryption system. Examples of such a public key
encryption system are encryption under the PGP (Pretty Good
Privacy) system or under the RSA (Rivest, Shamir, and
Adleman) system. Alternatively, the key may be a private key
of a private key encryption system. Such a private key
encryption system uses a single private key to encrypt and
decrypt data. Examples of such a private key encryption
system are encryption under the Data Encryption Standard (DES)
or under triple-DES, which involves applying DES three times
to enhance security. The private key(s) may themselves be
transmitted from the source 402 to the server 404 while
encrypted in a second encrypted form. Alternatively, the
private key(s) may be transported from the source 402 to the
server 404 via a communication channel which is separate from
the communication channel used to transport the video program
from the source 402 to the server 404.

Subsequently, when the remote server 404 receives 608 a
request for transmission of the video program from a
subscriber station 110, the remote server 404 responds by
multiplexing 610 the encrypted program in the first encrypted
form (and the key if necessary) with other signals to
generate a multiplexed signal. The multiplexed signal is
then distributed 612 via the secondary distribution network
108 to the requesting subscriber station 110.

At the subscriber stations 110, the multiplexed signal
is demultiplexed 614 to isolate the encrypted program in the
first encrypted form (and the key if necessary), the
encrypted program is decrypted 616 from the first encrypted
form to generate the unencrypted video program, and then the
video program is displayed 618, typically, on a television
monitor connected to a set-top box.

Fig. 7 is a flow chart depicting a secure process for 
distributing video on-demand content via a cable distribution 
network in accordance with a fourth aspect of the present 
invention. The process depicted in Fig. 7 may be called a 
multiple-layer encryption process. In comparison with the 
process in Fig. 6, the process in Fig. 7 pre-encrypts 702 the 
video program at the source 402, completes encryption 704 of 
the video program at the remote server 404, and fully 
decrypts 706 the video program at the subscriber station 110. 

The pre-encryption step 702 may be implemented by
applying a single DES encryption or a double DES encryption.
If the pre-encryption step 702 uses a single DES encryption,
then the completion of encryption step 704 may be implemented
by applying a double DES encryption to achieve triple-DES
encryption. Similarly, if the pre-encryption step 702 uses a
double DES encryption, then the completion of encryption step
704 may be implemented by applying a single DES encryption to
achieve triple-DES encryption. In either case, the video
program is transported from the remote server 404 to the
subscriber station 110 while under triple-DES encryption. As
long as the subscriber station has the three keys required,
it will be able to fully decrypt 706 the triple-DES
encryption to obtain the unencrypted video program.
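
The division of layers between the source 402 and the remote server 404 in Fig. 7 can be traced in code. The following is an added example, not part of the original text: a small HMAC-based Feistel cipher in ECB mode stands in for DES (an assumption, chosen so the block runs on the standard library alone), and the keys, payload and function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 8  # bytes per block, the same block size DES uses


def _feistel(key: bytes, block: bytes, rounds) -> bytes:
    """Run Feistel rounds over one block; reversed round order decrypts."""
    left, right = block[:4], block[4:]
    for i in rounds:
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return right + left  # final swap, so the reverse walk undoes it


def _ecb(key: bytes, data: bytes, rounds) -> bytes:
    if len(data) % BLOCK:
        raise ValueError("data must be a multiple of the block size")
    return b"".join(_feistel(key, data[i:i + BLOCK], rounds)
                    for i in range(0, len(data), BLOCK))


def encrypt_layer(key: bytes, data: bytes) -> bytes:
    return _ecb(key, data, range(8))


def decrypt_layer(key: bytes, data: bytes) -> bytes:
    return _ecb(key, data, range(7, -1, -1))


def apply_layers(data: bytes, keys) -> bytes:
    for key in keys:
        data = encrypt_layer(key, data)
    return data


def remove_layers(data: bytes, keys) -> bytes:
    # Layers come off in the reverse of the order they were applied.
    for key in reversed(keys):
        data = decrypt_layer(key, data)
    return data


def deliver(program: bytes, keys, layers_at_source: int):
    """Return (what server 404 stores, what station 110 receives)."""
    stored = apply_layers(program, keys[:layers_at_source])   # step 702
    sent = apply_layers(stored, keys[layers_at_source:])      # step 704
    return stored, sent


# Constructed sample data: three layer keys and a 32-byte "program".
KEYS = [b"layer-key-1", b"layer-key-2", b"layer-key-3"]
PROGRAM = b"constructed video payload 32byte"
```

Calling `deliver(PROGRAM, KEYS, 1)` and `deliver(PROGRAM, KEYS, 2)` yields the same transmitted ciphertext, and removing only the server-applied layers returns the stored form rather than the cleartext program.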

It is to be understood that the specific mechanisms and 
techniques which have been described are merely illustrative 
of one application of the principles of the invention. For 
example, while the present invention is described in 
application to video on-demand, it also has some application 
in broadcast video. Numerous additional modifications may be 
made to the methods and apparatus described without departing 
from the true spirit of the invention. 